freeswan težava
Dalibor
lugos at ice.si
Mon Sep 6 15:37:48 CEST 2004
Narejen imam vpn tunel z freeswanom. Stvar dela nekaj časa in nato ne
spusti nobenega prometa skozi, čeprav ipsec auto --status pokaže, da je
vse ok.
v /var/log/auth.log dobim
Sep 6 15:23:05 localhost Pluto[10699]: "Dusseldorf-Frankfurt" #140: no
acceptable Proposal in IPsec SA
Sep 6 15:23:15 localhost Pluto[10699]: "Dusseldorf-Frankfurt" #3: Quick
Mode I1 message is unacceptable because it uses a previously used
Message ID 0xc1edef39 (perhaps this is a duplicated packet)
/etc/ipsec.conf
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
uniqueids=yes
conn %default
keyingtries=1
compress=yes
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn Dusseldorf-Frankfurt
type=tunnel
left=xxx
leftnexthop=xxx
leftsubnet=192.168.2.0/24
right=xxxx
rightnexthop=xxxx
rightsubnet=10.51.0.0/16
authby=secret
auth=esp
ikelifetime=7800
pfs=yes
compress=no
keyingtries=0
auto=start
V čem bi lahko bil problem?
More information about the lugos-list
mailing list